<?php

/** * @author 	barbarosalcin * @desc	page_admin_users * @version	$Id: 20110317 * @package	admin */

if ($tk->session->data['user_level'] <= USER)
{
	$allowed = 0;
	return;
}

$error = 0;
$filename = basename(__FILE__);
$pagename = substr(substr($filename, 0, - 4), 5, 99);
define('IN_ADMINPAGE', true);

$item_table = USERS_TABLE;

/** * @ignore createtime,status */

$item_fields = "username,user_firstname,user_surname,user_level,user_email,user_title,user_association,user_phone";

/** * @uses text/imagebrowser/textarea/ckeditor/hidden/file/select/date/checkbox/number/readonly_text/file_upload */

$item_array = array(
		'user_id' => 'hidden', 
		'username' => 'text', 
		'user_plain_password' => 'text', 
		'user_firstname' => 'text', 
		'user_surname' => 'text', 
		'user_level' => 'select', 
		'user_email' => 'text', 
		'user_phone' => 'text', 
		'user_title' => 'text', 
		'user_association' => 'text', 
		
		'arr' => array());

$item_array['arr']['user_level'] = array(
		'0' => $lang['please_select'], 
		USER => $lang[$pagename]['ul'][USER],
		USER_ONLINE => $lang[$pagename]['ul'][USER_ONLINE],		
		ADMIN => $lang[$pagename]['ul'][ADMIN]);

$item_fields_additem = preg_replace('/(\w+)/i', '\'\$$1\'', $item_fields);
$item_fields_manitem = preg_replace('/(\w+)/i', '$1=\'\$$1\'', $item_fields);

if ((int) $_POST['submit'])
{
	include ('pages/admin/ajax_' . $pagename . '.php');
	return;
}

/* get list */
if (! empty($setmodules))
{
	if ($tk->session->data['user_level'] == ADMIN)
	{
		$modules[$pagename]['additem'] = $req['language'] . '-' . $pagename . $config['seoext'] . '?act=additem';
	}
	$modules[$pagename]['manitem'] = $req['language'] . '-' . $pagename . $config['seoext'] . '?act=manitem';
	return;
}

if ($req['get']['act'] == 'additem')
{
	if ($tk->session->data['user_level'] != ADMIN)
	{
		$error = 'access_denied';
		goto end;
	}
	$tk->page->_pv['items'] = $item_array;
	$tk->page->_pv['data']['act'] = $req['get']['act'];
	$tk->page->_pv['data'][$req['get']['act']] = $req['language'] . '-' . $pagename . '.html?';
}

if ($req['get']['act'] == 'manitem')
{
	
	/**
	 * @uses text,select,time 
	 */
	$search_array = array(
			'id_only' => array(
					'id' => 'text'), 
			'time-interval' => array(
					'status' => 'select', 
					'starttime' => 'time', 
					'endtime' => 'time'), 
			'arr' => array());
	
	$search_array['arr']['status'] = array(
			0 => $lang[$pagename]['status_t']['0'], 
			1 => $lang[$pagename]['status_t']['1'], 
			2 => $lang[$pagename]['status_t']['2']);
	$search_array['arr']['status']['-1'] = $lang['all'];
	$search_array['arr']['user']['-1'] = $lang['all'];
	ksort($search_array['arr']['user']);
	ksort($search_array['arr']['status']);
	
	if ((int) $req['get']['s'])
	{
		$search_type = $req['get']['f'];
		
		foreach ( $search_array[$search_type] as $key => $value )
		{
			if ($req['get'][$key] != '-1')
			{
				if ($value == 'time' && $req['get'][$key] != '')
				{
					$req['get'][$key] = $tk->f->date2int($req['get'][$key]);
				}
				switch ($key)
				{
					case 'starttime' :
						// 2 weeks
						$req['get'][$key] = ($req['get'][$key] != '') ? $tk->f->date2int(date('d/m/Y', $req['get'][$key])) : ($tk->config['time'] - 1209600);
						$where_condition[] = "user_regdate >= '{$req['get'][$key]}'";
					break;
					case 'endtime' :
						$req['get'][$key] = ($req['get'][$key] != '') ? $tk->f->date2int(date('d/m/Y', $req['get'][$key])) : $tk->config['time'];
						$where_condition[] = "user_regdate <= '{$req['get'][$key]}'";
					break;
					default :
						$where_condition[] = "$key = '{$req['get'][$key]}'";
					break;
				}
			}
		}
		
		$where_condition = implode(" AND ", $where_condition);
		
		$order_by = "username asc";
		
		$sql = "SELECT SQL_CACHE user_id as id,$item_fields,user_active as status from $item_table where $where_condition order by $order_by";

		if (! ($result = $tk->db->sql_query($sql)))
		{
			$error = 'sql';
			goto end;
		}
		
		$i = 0;
		
		while($row = $tk->db->sql_fetchrow($result))
		{
			$data_json['p' . $i] = $row;
			$data_json['p' . $i]['user_fullname'] = $row['user_firstname'] . ' ' . $row['user_surname'];
			$data_json['p' . $i]['ulevel'] = $item_array['arr']['user_level'][$row['user_level']];
			$i++;
		}
		
		$tk->page->_pv['json'] = 1;
	}
	
	$tk->page->_pv['items'] = $item_array;
	$tk->page->_pv['search'] = $search_array;
	$tk->page->_pv['data']['act'] = $req['get']['act'];
	$tk->page->_pv['data'][$req['get']['act']] = $req['language'] . '-' . $pagename . '.html?';
	$tk->page->_pv['data_json'] = preg_replace('%\[(.+)\]%', '$1', json_encode($data_json));
	return;
}

if ($req['get']['act'] == 'getitem')
{
	$user_id = (int) $req['get']['id'];
	
	$sql = "SELECT SQL_CACHE user_id,$item_fields from $item_table where user_id = '$user_id' AND user_id > 1 ";
	if (! ($result = $tk->db->sql_query($sql)))
	{
		$error = 'sql';
		goto end;
	}
	$data_json = $tk->db->sql_fetchrow($result);
	$tk->page->_pv['json'] = 1;
	$tk->page->_pv['data_json'] = preg_replace('%\[(.+)\]%', '$1', json_encode($data_json));
	return;
}

if ($req['get']['act'] == 'delitem')
{

	$id = (int) $req['get']['id'];
	/*
	$sql = "delete from $item_table where user_id = '$id' AND user_id > 1";
	*/
	
	$sql = "update $item_table set user_active = '2' where user_id='$id' AND user_id > 1";
	
	if (! ($result = $tk->db->sql_query($sql)))
	{
		$error = 'sql';
		goto end;
	}
	
	$data_json = array(
			'header' => $lang['success_header'], 
			'message' => $lang[$pagename][$req['get']['act']]['success'], 
			'xhr_status' => '1');
	$tk->page->_pv['json'] = 1;
	$tk->page->_pv['data_json'] = json_encode($data_json);
	return;
}

if ($req['get']['act'] == 'toggle')
{
	
	$id = (int) $req['get']['id'];
	$status = (int) $req['get']['t'];
	$sql = "update $item_table set user_active= '$status',user_actkey='',user_newpasswd='' where user_id='$id' AND user_id > 1";
	
	if (! ($result = $tk->db->sql_query($sql)))
	{
		$error = 'sql';
		goto end;
	}
	$data_json = array(
			'xhr_status' => '1');
	
	if ($status == 1)
	{
		
		$sql = "select user_email,user_firstname,user_surname from " . USERS_TABLE . " where user_id='$id'";
		if (! ($result = $tk->db->sql_query($sql)))
		{
			$error = 'sql';
			goto end;
		}
		
		$row = $tk->db->sql_fetchrow($result);
		
		$tk->postman->subject = $config['sitename'] . ' - ' . $lang['p_email']['user_confirmed'];
		$tk->postman->setfrom($config['contact_mail'], $config['contact_name']);
		$tk->postman->addaddress($row['user_email'], $row['user_firstname'] . ' ' . $row['user_surname']);
		
		$tk->postman->assign_vars(array(
				'NAME' => $row['user_firstname'] . ' ' . $row['user_surname'], 
				'SITENAME' => $config['sitename'], 
				'IP' => $tk->f->decode_ip($user_ip), 
				'TIME' => date("H:i:s d.m.Y", $config['time'])));
		
		$tk->postman->ishtml(true);
		
		if (! $tk->postman->sendmail('user_confirmed'))
		{
			
			$error = 'sendmail';
			goto end;
		}
	}
	$tk->page->_pv['json'] = 1;
	$tk->page->_pv['data_json'] = json_encode($data_json);
	return;
}

end: